Skip to main content
  2. Powerschool Data Hack Letter

Powerschool Data Hack Letter

Park County School District 16

February 4, 2025

Dear Park 16 Parents and Guardians,

On December 28, 2024, PowerSchool became aware of a cybersecurity incident involving unauthorized access to certain student information across multiple school districts around the world.  This was reported to affected school districts on January 8, 2025. We were informed at that time that our district was not affected by the cybersecurity incident.  We were informed this week that in their continued investigation, our data was also compromised.  This includes former students and staff as well as current.  

The following student information was compromised:

  • Full name

  • Date of birth

  • Address

  • Medical alerts (e.g., nut allergies, asthma, medications)

  • Gender

  • Race/Ethnicity

  • Social Security Number

Additionally, guardian-related details, such as names of individuals authorized for student pickup (e.g., grandparents or family friends), were included in the breach.

While our district has robust systems to protect student data, this breach was outside our control. PowerSchool has assured us that they are not experiencing, nor do they anticipate any operational disruptions. Their services continue as normal, and there is no ongoing malicious activity within their environment.

To prevent further unauthorized access or misuse, PowerSchool has taken the following steps:

  • Verified the data has been deleted through video confirmation.

  • Obtained assurances that the data was not replicated or disseminated further.

  • Engaged cybersecurity experts to monitor the dark web for any references to the compromised data.

PowerSchool does not anticipate the data being shared or made public and will continue monitoring for any potential risks. In addition, they have engaged Experian, a trusted credit reporting agency, to provide complimentary identity protection and credit monitoring services to current and former students and educators that had information exfiltrated from PowerSchool SIS. PowerSchool is doing this regardless of whether an individual’s Social Security Number was exfiltrated. In the coming weeks, Experian (on behalf of PowerSchool) will be distributing direct email notifications to involved individuals (or their parent/guardian, as applicable) for whom PowerSchool has sufficient contact information.

Additionally, PowerSchool has worked with Experian to set up a dedicated, toll-free call center to answer any questions associated with these offerings and the incident. All the information regarding the activation of and access to these services will be included in the email sent to you by Experian. Whether or not you receive an email, you may also visit PowerSchool’s website to learn how to activate the offering from Experian, linked here: http://www.powerschool.com/security/sis-incident/notice-of-united-states-data-breach/.

As a district, we are working closely with the State of Wyoming Cyber Assistance Response Effort (CARE), Wyoming Homeland Security, and the Wyoming Department of Education (WDE) to address this breach. We will remain vigilant and monitor all relevant accounts for unusual activity as a precaution.

If you have any questions or need further clarification regarding this data breach please contact the Park 16 District office at 307-868-2501.  Protecting the privacy and security of our students and staff remains a high priority.

Sincerely,

Shane Ogden

Superintendent